IETF Logo Mail Archive

Re: [Cfrg] Elliptic Curves - signature scheme: randomised or not (ends on May 13th)

Adam Langley <agl@imperialviolet.org> Mon, 04 May 2015 16:28 UTC

Return-Path: <alangley@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE8DF1A8AC4 for <cfrg@ietfa.amsl.com>; Mon, 4 May 2015 09:28:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qpgqj76wL-gK for <cfrg@ietfa.amsl.com>; Mon, 4 May 2015 09:28:51 -0700 (PDT)
Received: from mail-la0-x233.google.com (mail-la0-x233.google.com [IPv6:2a00:1450:4010:c03::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36AD71A7004 for <cfrg@irtf.org>; Mon, 4 May 2015 09:28:51 -0700 (PDT)
Received: by layy10 with SMTP id y10so108050493lay.0 for <cfrg@irtf.org>; Mon, 04 May 2015 09:28:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=NXxMknrpM81b9YBgwjQkkq0AO0KzoFgdGQN10uJ0N2k=; b=wD9f8ePN0g+G4zT/PQYAlKMaS7oeShom6oM9c1otRhD5tNAQ6cHBB7y21/eRsVD5z0 wj4WyarCGRKb0vCTu5jv/cpd3g0j6sizBSv6hnxrELDO9LX/VB03aLXknbl+6XRrcOK4 gmQEBTBXbqgvxCfjNeDWeZfQUon8CiBbf+mpy1Xxh1BsrJqw1ZogvmIrytRzZLPgfSVP Yh14s+Jbo9+HIxBSZMFXbKr5DKr9t7DJYRasA3PcFUeotgOlFRAlOkv1PKfgZr40Aonj /7OkAogRLFUu5Juq3VRnAzzznEYNJVlBMLa8cJrfum9Bh+enSo/xokZ7VwioJJQc+e8Q uH0A==
MIME-Version: 1.0
X-Received: by 10.153.7.104 with SMTP id db8mr20591120lad.124.1430756929573; Mon, 04 May 2015 09:28:49 -0700 (PDT)
Sender: alangley@gmail.com
Received: by 10.112.89.69 with HTTP; Mon, 4 May 2015 09:28:49 -0700 (PDT)
In-Reply-To: <5546032D.5070208@isode.com>
References: <5546032D.5070208@isode.com>
Date: Mon, 04 May 2015 09:28:49 -0700
X-Google-Sender-Auth: _HgPz_s5b4YsSygeXiun_DckimU
Message-ID: <CAMfhd9XJ6r-8xkWVQc9YAwYL0Yyj+KCoRXx4NeW9fq9JutC3cw@mail.gmail.com>
From: Adam Langley <agl@imperialviolet.org>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/cTuPB2S61UqLxvtxlWvF6lRwuUI>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Elliptic Curves - signature scheme: randomised or not (ends on May 13th)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 May 2015 16:28:52 -0000

On Sun, May 3, 2015 at 4:14 AM, Alexey Melnikov
<alexey.melnikov@isode.com> wrote:
> 1. CFRG should stick to randomised signature schemes only.
>
> 2. CFRG should adopt deterministic signature scheme only.
>
> 3. De-randomisation should be an optional feature for implementers to
> decide upon (i.e. both choices 1 and 2 allowed).

I would favour a deterministic signature scheme for robustness
reasons. I'm sure that, should certain applications wish to have
precomputed signatures, then an RFC won't stop them, but it will guide
most people towards the solution that is generally the best choice.


Cheers

AGL

-- 
Adam Langley agl@imperialviolet.org https://www.imperialviolet.org

v2.23.0 | Report a Bug | By Email